Cyber liability insurance: do business really need it?
We’ve all seen the alarmingly regular stories about big multinational companies falling victim to cyber-attacks. With that in mind, you’d be forgiven for thinking cyber criminals are only interested in the big boys.
Well, are they? As a small-business owner can you simply sit back and relax? Is cyber security someone else’s problem?
Sadly, the answer is no. If you use email, hold customer data, take online payments (or even if you just have a website) you could be at risk.
Cyber liability and small business
There are a whopping 5.4 million SMEs in the UK, making up over 99% of all businesses. That’s a big pond for hackers to fish in. Although any one business on its own might not seem a lucrative target for cybercriminals, add up the small gains (in data or money) and it’s clear there are rich pickings.
There are several reasons why a hacker might target you or your business, but most of the time it’s quite simple: your money, your data, your customers’ money, and your customers’ data. All of it in one go, ideally.
It’s sometimes easy to assume your business doesn’t have what hackers want. But it’s safer to assume it does.
- IT consultants hold data including names, addresses, passwords and other personal information
- Marketing consultants hold reams of company information and confidential strategic information
- Photographers hold contact information, personal information and store images of their clients
Each of these businesses needs to keep its data both safe and easily accessible, meaning each one is a potential target.
Hacked and held hostage
But of course, hacks and data breaches are just one type of cybercrime. A particular favourite of the small-time cyber-crim is the good old ransomware attack. The key here is the ransom amounts demanded – they might be relatively low but that makes them more likely to be paid. A few thousand here and there might not seem like much but, again, add it all up and it’s like winning the cybercrime lottery.
A good example is the case of MNH Platinum, a vehicle hire company in Blackburn. It was forced to pay a £3,000 ransom after hackers unleashed a virus that encrypted over 12,000 files across their network. Files they needed. They had no choice but to pay up, and then invest more time, money, and resources into discovering exactly how the breach had occurred.
Managing director, Mark Hindle, wisely said, “I’m thankful we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”
Although it’s debatable MNH actually was in any way ‘lucky’, its experience could’ve been a lot worse. There’s no cap on what ransom could be demanded, what data could be stolen, whether it’ll be returned if payment’s made, or what emails could be sent out – apparently from you – to your entire contact list.
Your cyber liability insurance options
You might not think your business is a likely target, but you’re right to think it could be an easy target. It’s unlikely you have the money, knowledge, people or procedures to keep up with the evolving world of cybercrime. That’s a problem because hackers like an easy life – they’d much rather target a small business if they can get into its systems in a way they can’t with a large one.
Really, it doesn’t matter how large or small your business. Raided databases or hacked websites take time and money to fix. The business cost of seeing to the immediate problem and dealing with the consequences isn’t to be taken lightly.
But you don’t have to be the weak link: cyber insurance policies help get you back on your feet following a cyber-attack. It picks up the tab for the obvious things like finding out what happened and repairing your systems, but it covers the unforeseen expenses such as dealing with regulators and losing revenue from being offline too.
This guide to what to look for in your cyber insurance might be helpful.
So, who needs cyber liability insurance?
Everyone. But especially you.